10.4: Use the Certificate Authority to create certificates
Authored by: Regek on Jul 07, '05 02:56:15AM
As long as the other person already knows and trusts you, just forward a copy of your root certificate and have that person add it to his X509Anchors keychain. That makes it so that all future data signed by one of your certificates or a certificate you signed is trusted by OS X.
Took me ages to figure that one out.
Though yes, it's more complicated than the "it just works" that you get when using a CA already in X509Anchors.
The obvious question to me would be, can this be used to simplify setting up a secure certificate for serving HTTPS pages off your Mac? Can this simplify any of the instructions outlined in this extensive hint.
mac as a Certificate Authority.
Authored by: Yelsmek on Jun 06, '05 11:32:21PM
I too would like to know what this
blurb means in the Certificate Assistant: "How do I get a certificate?
In order to obtain a valid certificate, you must form a certificate request and send it to a certificate authority. If the authority agrees, it will make your certificate and return it to you. There are many ways to do this. You can use Certificate Assistant, you can use the web site of a commercial certificate authority, or you can obtain a personal certificate from .Mac. You can obtain and hold many certificates signed by different CAs that are each valid separately and subject to different policies. For example, you may have one certificate that allows you to sign email, and another that allows you to identify yourself on iChat." How does one get one from .mac?
This pretty much answers the question: http://www.apple.com/certificateauthority/ .Mac Certificate Practices Statement While a .Mac certificate is provided with Mac OS X, it is not currently in use. The CPS will be provided when the certificate is to be used.